Re: Additional WebDAV Requirements?

>In addition the DAV ACL effort (there are two IDs out, one for requirements
>and another for protocol) is defining how you can actually set those ACLs
in
>the first place.

Thanks for the RTFM. This is exactly what I had in mind. Given that
distributed authoring is so involved with roles, I think including access
control in the spec (or a related spec) is crucial.

As far as the ACL requirements/spec themselves are concerned, I have a few
thoughts:

1. I think we can learn much from the LDAP access control approach (WebDAV
ACL's already sound quite similar). For example, the spec leaves open the
question of how ACE's are actually represented and accessed. If they are
simply special properties, they can be accessed in the same way as other
properties. Also if, as in LDAP, an ACE can apply to a property, then the
question of controlling access to ACE's themselves is resolved.

2. I think that lock and reserve rights should be added to the list of
generic rights. These are first-class WebDAV actions and should be
represented as such in the ACL mechanism.

Jeff Sussna

Received on Thursday, 30 July 1998 23:28:02 UTC